Commit 3f53a1cb authored by konstantin@mysql.com's avatar konstantin@mysql.com

Fix for bug#4236 "Server crash on attempt to execute non-prepared

 statement": check that statement is not null when accessing it's name.
parent b929db87
......@@ -561,7 +561,7 @@ class Statement_map
{
Statement *stmt;
stmt= (Statement *) hash_search(&st_hash, (byte *) &id, sizeof(id));
if (stmt->name.str)
if (stmt && stmt->name.str)
return NULL;
last_found_statement= stmt;
}
......
......@@ -9912,6 +9912,35 @@ static void test_bug4079()
mysql_stmt_close(stmt);
}
static void test_bug4236()
{
MYSQL_STMT *stmt;
const char *stmt_text;
int rc;
MYSQL_STMT backup;
myheader("test_bug4296");
stmt= mysql_stmt_init(mysql);
/* mysql_stmt_execute() of statement with statement id= 0 crashed server */
stmt_text= "SELECT 1";
/* We need to prepare statement to pass by possible check in libmysql */
rc= mysql_stmt_prepare(stmt, stmt_text, strlen(stmt_text));
check_execute(stmt, rc);
/* Hack to check that server works OK if statement wasn't found */
backup.stmt_id= stmt->stmt_id;
stmt->stmt_id= 0;
rc= mysql_stmt_execute(stmt);
assert(rc);
/* Restore original statement id to be able to reprepare it */
stmt->stmt_id= backup.stmt_id;
mysql_stmt_close(stmt);
}
/*
Read and parse arguments and MySQL options from my.cnf
*/
......@@ -10206,6 +10235,7 @@ int main(int argc, char **argv)
test_bug3796(); /* test for select concat(?, <string>) */
test_bug4026(); /* test microseconds precision of time types */
test_bug4079(); /* erroneous subquery in prepared statement */
test_bug4236(); /* init -> execute */
/*
XXX: PLEASE RUN THIS PROGRAM UNDER VALGRIND AND VERIFY THAT YOUR TEST
DOESN'T CONTAIN WARNINGS/ERRORS BEFORE YOU PUSH.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment